Targets Tremulous Trouble US and Conceivably Calgary or Canada?

Halloween is the unofficial start to the holiday shopping season, and here are some of the spookiest credit card frauds. Phishing, skimming and the old fashioned pick pocket are some of the most common. Are you taking the right steps to prevent...

on.aol.com

Just when we thought 40 Million customers were too much recent news from Target has stated that the number of affected is now 70 Million plus customers. Not only are the credit and debit card troubles mounting it has been recently noted that the hackers have: names, mailing addresses, phone numbers and e-mail addresses from the initial cyber-attack Nov 27 to Dec 15 2013. The new trouble from this attack is that customers have now been receiving: emails, customer service calls, follow up purchase calls and the like from imposters saying they are from Target.

Photo by Joe Raedle/Getty Images

Unfortunately the cyber-attack has left hackers with information that can be typically used or sold for stolen personal information on underground exchanges for use in e-mail “phishing” crusades intended at coaxing quarries to hand over even more sensitive information, such as bank account numbers.

UPDATE: As of 01/16/14 the security firm iSIGHT partners has new information that the hack may be tied to a Russian mob. The malicious software infects individual POS devices; It monitors data processed on the POS device, then transmits that data outside of the retailers- presumably back to the origin source wherever that may be. The firm referred to the software by a Russian name -- KAPTOXA -- because parts of the code were written in Russian. The malware is especially problematic to detect because it deletes records that could tell investigators if the data was transmitted fraudulently. Hackers also obtained encrypted PIN numbers for debit cards, the company has stated.

Could this kind of attack happen in CalgaryTarget shops? Yes- Though typically less than the counterparts to the south (U.S.) any system is vulnerable if the proper protection has not been enabled. To date there has been no mention of Canadian shops being involved at this time. Canadian banks, big businesses (energy, recruiting etc) seem to be, currently, the targets for hackers. Never underestimate hackers! What happens in the USA can easily happen here in the computer world.

How does this happen?

Free Wi-Fi accesssetups: Hackers use widely available "capture" software to intercept data exchanged across wireless networks. "Capture" applications enable hackers to see what one was viewing on screen, and to: Steal personal and financial data including credit card information and plant remote-control programs. On POS systems hackers can plant a skimming device- Similarly skimming devices look like original POS systems and skim personal and financial data.

Note: Most Canadian banks have feature that allows the customer to opt out of wireless transactions. Meaning that the customer would only be able to use debit or credit cards at check-out counters, ATMs, bank counters and not the "tap and go" systems. If one can "opt-out" of wireless transactions it would be prudent to do so. Change your PIN numbers frequently to potentially avoid a breach of your information.

Hackers can also intercept emails and pillage private email accounts. Once that happens hackers can send spam mail to anyone on the email list. Security firms are finding more sophisticated breaches in terms of virus, malware code or malicious programs that can be specifically designed to find and capture credit card information.

-> When using free wireless networks, visit only recognized websites that don't require a sign on. Look for Telus, Shaw, Bell or Rogers hotspots. Many large companies have hotspots at Calgary coffee shops etc.

Website breaches and suspicious emailsSecurity experts know that hackers will send out personalized emails or phone calls to clients, usually, from the compromised financial or retail establishments asking customers to supply their private login IDs and passwords at genuine-looking websites. Even at an official site, a seemingly innocuous pop-up ad can place a remote-access program on your computer. Just as disconcerting is the fact that 11 per cent of Canadians admit to sending credit card information via email- clear text!

-> Never click on links from suspicious sources, Never give private information to a caller from a bank or store without verifying its authenticity or include credit card information on emails.

Offline hacking or Electronic PickpocketingHackers target financial information even when one is away from the computer. This is especially true for credit cards with embedded radio-frequency identification (RFID) chips that send out radio waves for exchanging data with credit card processors.

By placing a reader close enough to where one would carry a card, hackers retrieve the credit card number, expiration date and name.

Invading your Facebook,Twitter, Instagram or Snap chat accountCanada has over 17 million Facebook users. Facebook is one of the intermediate level websites to penetrate- using just the email address and name, cyber delinquents can easily take over an account. Invading hackers can then copy any credit card information found under Payment Methods on the Payments tab of the social media account settings and then use or sell the information to others who would want that information. Any information cyber delinquents have they can use to get into any accounts.

->Always clear credit card information from any of your social media account settings.

Share this article

With more than 10years experience in the area of network security, Ms. Lisa Campbell has conducted secure system design as well as conducted SOX audits. She is fully skilled in performing architecture reviews for current security implications as well as incident response and digital forensics.